Knowledge

ERROR_SXS_PROTECTION_PUBLIC_KEY_TOO_SHORT - 14075 (0x36FB)

Assembly Protection Error : The public key for an assembly was too short to be allowed.

Updated: Feb 21, 2026

Technical Background

The ERROR_SXS_PROTECTION_PUBLIC_KEY_TOO_SHORT error is a specific runtime error that occurs when the public key associated with an assembly in the Windows Side-by-Side (SXS) manifest does not meet the minimum length requirements for cryptographic validation.

Error Details

This error indicates that the public key embedded within an assembly manifest, which is used to verify the integrity and authenticity of the assembly, is insufficiently long. The SXS subsystem enforces a minimum key length requirement to ensure robust cryptographic protection against tampering or unauthorized modifications.

Common Causes

  • Invalid Public Key Length: The public key provided in the assembly manifest does not meet the required minimum length for cryptographic validation.
  • Incorrect Assembly Manifest: The assembly manifest may be corrupted or incorrectly formatted, leading to an invalid public key.
  • Unsupported Operation: Attempting to load or validate an assembly with a public key that is too short is unsupported by the SXS subsystem.

Real-World Context

This error typically occurs during the loading of assemblies in applications that rely on the SXS framework for managing and deploying shared components. The SXS framework ensures that only trusted and correctly signed assemblies are loaded, thereby enhancing application security.

Is This Error Critical?

The ERROR_SXS_PROTECTION_PUBLIC_KEY_TOO_SHORT is a critical error as it indicates a potential security vulnerability in the assembly being loaded. It should be addressed to prevent unauthorized access or tampering with the application's components.

How to Diagnose

  1. Review Assembly Manifest: Verify that the public key specified in the assembly manifest meets the minimum length requirements for cryptographic validation.
  2. Validate Public Key Length: Use tools such as sn.exe (Strong Name Utility) to check the length of the public key and ensure it is at least 1024 bits or longer, depending on the security policy enforced by your environment.
  3. Check SXS Configuration: Ensure that the SXS configuration does not enforce stricter key length requirements than those supported by the assembly being loaded.

How to Resolve

  • Correct Public Key Usage: Ensure that the public key in the assembly manifest is correctly specified and meets the minimum length requirement.
  • Update Assembly Manifest: If the public key is too short, update the manifest with a longer key or use a different signing mechanism that supports longer keys.
  • Re-sign Assemblies: Re-sign assemblies using a stronger cryptographic algorithm to generate a longer public key if necessary.

Developer Notes

Developers should ensure that all assemblies used in SXS-managed applications are properly signed and that the public keys meet the minimum length requirements enforced by the SXS subsystem. This is crucial for maintaining the security and integrity of the application components.

Related Errors

  • ERROR_SXS_PROTECTION_PUBLIC_KEY_NOT_FOUND: Indicates that a required public key was not found in the assembly manifest.
  • ERROR_SXS_POLICY_PARSE_FAILURE: Occurs when there are issues with the policy file used by SXS to manage assemblies.

FAQ

Q: What does the ERROR_SXS_PROTECTION_PUBLIC_KEY_TOO_SHORT error mean?

A: This error indicates that the public key in an assembly manifest is too short to be valid for cryptographic validation, leading to potential security vulnerabilities.

Q: How can I prevent this error from occurring?

A: Ensure that all assemblies are properly signed with a public key that meets the minimum length requirements enforced by the SXS subsystem. Use tools like sn.exe to verify and update keys as necessary.

Q: Is there a way to bypass this error for testing purposes?

A: No, bypassing this error is not recommended due to potential security risks. It is essential to ensure that all assemblies are correctly signed with valid public keys before deployment.

Summary

The ERROR_SXS_PROTECTION_PUBLIC_KEY_TOO_SHORT error highlights a critical issue in the cryptographic validation of an assembly manifest. Developers must ensure that all assemblies used in SXS-managed applications are properly signed and meet the minimum key length requirements to maintain application security and integrity.